package com.zly.oauth.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
import org.springframework.security.web.SecurityFilterChain;

@Configuration
@EnableWebSecurity
public class SecurityConfig {



//    @Bean
//    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
//        return http
//                .authorizeHttpRequests(authorize -> authorize
//                        .requestMatchers("/doc.html", "/v3/**", "/webjars/**").permitAll() //放行 knife4j
//                        .anyRequest().authenticated())
//                .formLogin(login -> login
//                        .loginPage("/login").permitAll()
//                        .usernameParameter("username")
//                        .passwordParameter("password")
//                        .failureUrl("/login?error")
//                                   )
//                .csrf(AbstractHttpConfigurer::disable)// 关闭跨站伪造请求
//                .cors(AbstractHttpConfigurer::disable)// 关闭跨域
//                .build();
//    }


}
